1. Field of Invention
This invention relates generally to the field of biometric authentication and identification, and more specifically to anonymous biometric identity management and verification without knowledge of biographic, demographic or otherwise identifying information.
2. Description of Related Art
The need to establish personal identity occurs, for most individuals, many times a day. For example, a person may have to establish identity in order to gain access to, physical spaces, computers, bank accounts, personal records, restricted areas, reservations, and the like. Identity is typically established by a physical object such as, but not limited to a key, driver license, bank card, credit card; known information such as, but not limited to a computer password, personal identification number (PIN) number; and/or a unique and measurable biological feature such as, but not limited to a face recognized by a bank teller or security guard. From a security standpoint, identification based on a biological (or behavioral) feature is often favored because it can be objectively and automatically measured and is resistant to impersonation, theft, or other fraud. The use of biometrics, which are measurements derived from human biological features, to identify individuals is a rapidly emerging science.
Biometrics is a generic term for characteristics that can be used to distinguish one individual from another, particularly through the use of digital equipment such as a computer. An example of a biometric is a fingerprint. Trained analysts have long been able to match fingerprints in order to identify individuals. More recently, computer systems have been developed to match fingerprints automatically. Examples of biometrics that have been, or are now being, used to identify, or authenticate the identity of, individuals include two-dimensional (2D) face, three-dimensional (3D) face, hand geometry, single fingerprint, ten finger live scan, iris, palm, full hand, signature, ear, finger vein, retina, DNA, and voice. Other biometric may include characteristic gaits, lip movements, and the like. New biometric are being developed or discovered continually.
The implementation of a biometrics system requires the coordination between the individual providing the biometrics and the organization or business implementing the respective biometrics technology. Generally, the implementation of a biometrics system requires the individual to undergo an initial enrollment process. This means that one or more sample biometric measurements are provided by the individual, along with personal identifying, demographic information, such as, for example, name, address, telephone number, an identification number (e.g., a social security number), a bank account number, a credit card number, a reservation number, or some other information unique to that individual. The sample biometric measurements are stored along with this personal identification data in a database.
Following this initial enrollment process whereby the individual's biographic information is stored with the associated initial biometric sample, the individual that seeks verification at a subsequent time submits a second biometric sample (or multiple samples), along with some personal identifying information, such as described above, that is unique to that person. The personal identifying information is used to retrieve the individual's initial sample biometric from the database. This first sample is compared to the second sample, and if the samples are judged to match by some criteria specific to the biometric technology, then the individual is authenticated.
A second form of biometric authentication is identification. Like the verification case, the individual must be enrolled in a biometric database where each record includes a first biometric sample and accompanying personal identifying information which are intended to be released when authentication is successful. In order to be authenticated the individual submits only a second biometric sample, but no identifying information. The second biometric sample is compared against all first biometric samples in the database and a single matching first sample is found by applying a match criteria. The advantage of this second form of authentication is that the individual need not remember or carry the unique identifying information required in the verification method to retrieve a single first biometric sample from the database.
A common security problem within the above biometric identification and authentication techniques is the requirement of a central database of personal biographic and/or demographic information which is usually revealed at the moment of biometric matching and sampling. For example, personal information of the individual undergoing identification or authentication may be disclosed that is otherwise intended to be kept private. Thus, there exists the need of a new biometric verification technique that overcomes privacy concerns associated with this database containing personal identifying biographic/demographic information.